Communications Disruption and the Importance of Focused Compliance Technology

March 13, 2019by Robert Cruz

I’m just back from the first stop in our series of Smarsh Connect regional events, where we were joined by an outstanding roster of compliance thought leaders including Brian Rubin from Eversheds Sutherland, Richard Nummi, who previously served as Senior Attorney with the SEC, Melinda Legaye, President of MGL Consulting, Mike Osterman from Osterman Research, and Marty Colburn, who previously held the role of CTO at FINRA. Each brought a wealth of knowledge and insight that was very well received by our Dallas audience. We’d like to thank them all for joining us.

The discussion throughout the day surfaced numerous challenges faced by firms of all shapes and sizes in financial services, most of which centered on the disruption created by the growth of new communications and collaborations technologies. Why would communications tools be considered disruptive? Here are a few indicators raised over the course of our discussion:

Constantly evolving demographics: Each generation of employee and client brings their own preferences for chat, social, and mobile apps. Millennial and Generation Z workers demand the newest tools that can provide immediate interaction.

The ever-changing mix of communications tools: With each new tool entering the communications ecosystem, there are a similar number of technologies hitting end of life. In fact, Google+ was completely shut down on March 7 and Pivot Chat was recently “retired” — both closures forced firms to scramble to identify alternative networks.

Office365 and Microsoft Teams adoption: Microsoft’s enormous success with Office365 has also come with a few surprises, including an “auto upgrade” from Skype for Business to Teams. This change is causing some firms to pause deployment plans until they can sort through the compliance implications of new features and modalities, and make sure there is no interruption in the capture and archiving of the data.

Regulatory emphasis on RegTech: For both the SEC and FINRA, the term “RegTech” was mentioned prominently in 2019 Priority letters to financial firms, both in describing their own exam methods — which will employ advanced technology and analytics as opposed to strictly relying on lexicon and policy-based inspection — as well as the expectation that firms embrace technological innovation in their own review processes.

How are firms coping with the unpredictability of communications disruption, and what should they expect from their technology partners? Internally, companies remain immersed in updating policies to ensure that the new capabilities of today’s networks are reflected in explicitly acceptable and prohibited communications policies. They are busy training users, they are evaluating new compliance technologies, and they remain vigilant to spot the use of unsanctioned tools. In other words, their daily schedules are entirely devoted to calming and solving disruptions to keep the business on track.

When the focus turned toward expectations for technology partners, innovation and focus were words that frequently popped up. Innovation is key because firms need partners who have a history and reputation for being on the cutting edge of communications technology advances, who understand regulatory directions, and who offer modern platforms that enable proactive responses to ongoing evolution. Meanwhile, the importance of focus was probably best illustrated by former FINRA CTO Marty Colburn. “The benefits of working with someone whose core business is compliant communications technology is that it is where investment is centered, as opposed to competing or potentially diverting attention toward other important domains such as information security or data back-up.” Colburn stated. “I am already seeing quite a few vendors that have either divested or announced end-of-life for products that were not considered their core business”.

In practical terms, the focus that a specific solution vendor has on maintaining compliance with today’s breadth, variety, and complexity of communications sources can be examined by looking at the following:

“Product” versus “connector:” As we’ve discussed in a previous post, vendors that have established product portfolios, where each is engineered, tested, and maintained can provide cost and efficiency advantages to address issues, and provide a regular release cadence.

Respect for the unique, “native” attributes of each network: Each communications tool can be captured by a variety of methods — some better suited than others to address the rigors and specific requirements of regulatory compliance and e-discovery. Collection approaches that capture data via APIs (when available) and preserve context and event-based metadata are becoming even more critical as the use of collaborative tools with complex features and dynamic natures increases.

Enabling uniform policy enforcement: In an ideal world, firms could enforce policies uniformly across all communications sources to follow the spirit of regulatory guidance. Vendors focused on this market are better positioned to work directly with content source providers to quickly incorporate new policy controls for cloud-based content services as they become available.

Proactive vs. reactive: Given the frequency of network changes — as well as end of life and end of support announcements — focused vendors work strategically with the source provider to understand product directions and anticipate new capabilities on the horizon to ensure that compliance and discovery protocols stay in sync, resulting in far fewer disruptions.

Business processes and support: Supporting a broad set of networks entails not just technical breadth, but also existing support infrastructure and communications processes to help companies through product licensing transitions, and to help companies proactively identify reasonable alternatives to networks that are dying.

Ultimately, focus will allow some vendors to innovate faster than others. They will become more effective in helping financial services firms to stay ahead of the disruption, and they will be better at keeping the state of the communications and collaborative demands of their businesses sound well into the future.

Robert Cruz is Senior Director of Information Governance for Smarsh. He has more than 20 years of experience in providing thought leadership on emerging topics including cloud computing, information governance, and discovery cost and risk reduction.

Subscribe

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

Follow us:

ARCHIVING & COMPLIANCE BLOG

Our Blog explores the news, trends and best practices in electronic recordkeeping. It’s about managing and getting value from your electronic communications data. It’s about satisfying legal and regulatory obligations. It’s all about turning compliance liability into business insight.

Get a Quote

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

Contact Us

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.